I am making an app that will allow external devices to be controlled through that app. Every time I plug in a device, I get the popup asking for permission to use the device (even if I already granted it permission to use it and checked the box to remember). Is there a way to just automatically allow all devices and never ask for permission? Or maybe a way to short circuit the permission like
private UsbManager mUsbManager;
mUsbManager.hasPermission(device) = true;
UsbManager doesn't have the method to grant permission, but you can automatically grant permission if you are using intent filters.
An example of what to add in the Android manifest file and the sample device_filter.xml is described here:
https://developer.android.com/guide/topics/connectivity/usb/host.html#using-intents
Related
I am making an EMM application. This application will only be installed in firm's devices only. Is there any way to grant below permissions programmatically through DevicePolicyManager.
android.permission.SYSTEM_ALERT_WINDOW (Display over other apps)
android.permission.BIND_ACCESSIBILITY_SERVICE (Accessibility service)
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS (Ignore battery optimization)
I want to grant above permissions through DevicePolicyManager as my app is a system owner app. But, I can't grant them through devicePolicyManager.setPermissionGrantState. As I have also tried devicePolicyManager.setPermittedAccessibilityServices for granting ACCESSIBILY_SERVICE programmatically, but it also didn't work. So, is there is any way I can grant above all permissions programmatically without navigating to that screen and turn in on manually. Or Is there is a way so that user cannot be able to disable the above features anyway. Like when I enable location and other permissions through DevicePolicyManager user is unable to turn it off.
So reviewing: https://developers.google.com/android/work/requirements#4.2.-runtime-permission-grant-state-management_1
and https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#permissionpolicy
seem to indicate at you can create a policy which will automatically grant permissions.
I do see:
PERMISSION_POLICY_AUTO_GRANT
Permission policy to always grant new permission requests for runtime permissions. Already granted or denied permissions are not affected by this.
and
PERMISSION_GRANT_STATE_GRANTED
Runtime permission state: The permission is granted to the app and the user cannot manage the permission through the UI.
which sounds like what you want.
I am developing a COSU/KIOSK application and I need to manually update the time on the device.
I am using AlertManager.setTime(Calendar) to do so, but I can't grant my application the SET_TIME permission that it is required.
The application is the device owner, and this allowed me to use many other system permissions, for example
android:name="android.permission.REBOOT"
android:name="android.permission.SHUTDOWN"
android:name="android.permission.WRITE_SETTINGS"
android:name="android.permission.INSTALL_PACKAGES"
android:name="android.permission.DELETE_PACKAGES"
All of these permissions were granted to my application, just by listing them in the manifest.xml
But SET_TIME does not work.
I also tried using the device policy manager
mDevicePolicyManager.setPermissionGrantState(mAdminComponentName, getPreferredPackageName(),
Manifest.permission.SET_TIME, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED);
This function returned false meaning it couldn't grant permission.
How can I solve this problem without prompting the user to grant this permission to my application.
If you are targeting devices api 28+ (android 9 and higher) you can set it with setTime(ComponentName admin, long millis) function.
For lower android versions I had to rely on a device manufacturer api to set device time.
Manifest.permission.SET_TIME is proteced/system permission, sadly deviceOwner cannot grant any protected permissions with setPermissionGrantState() function.
There is very important word in its documentation:
Sets the grant state of a !runtime! permission for a specific application.
A device owner can grant runtime permissions to a third-party app using DevicePolicyManager.setPermissionGrantState() to avoid user prompts.
But is there any way for a device owner to grant USB permissions as well, so that this app gets access to plugged USB devices without user prompt ?
I've tried to call UsbManager.grantPermission() (with reflection) but it raises a SecurityException since it requires the MANAGE_USB permission which is granted only to system apps (and not to device owner, obviously).
NB: I'm looking for a solution working on a non-root & non-custom Android system, the device owner app is set using Android Enterprise provisioning methods.
There is a special system config to disable USB permission dialogs:
https://github.com/aosp-mirror/platform_frameworks_base/blob/8ff4a5a5b510e724b25ac00369696594bb0c9fdc/core/res/res/values/config.xml#L2283
Maybe you can also change it at runtime with root privileges using setprop.
Another way is to customize the UsbUserSettingsManager class, specifically this method: https://android.googlesource.com/platform/frameworks/base.git/+/master/services/usb/java/com/android/server/usb/UsbUserSettingsManager.java#178
I assumed that as a device owner you have full control over your ROM source code.
It's a bit old, but hopefully it helps s.o. else.
I've been using this for granting permission to apps
public boolean setPermissionGrantState (ComponentName admin,
String packageName,
String permission,
int grantState)
Link: https://developer.android.com/reference/android/app/admin/DevicePolicyManager#setPermissionGrantState(android.content.ComponentName,%20java.lang.String,%20java.lang.String,%20int)
I'm building a bluetooth app for android. I have a UI button, and when I press it, I want to engage bluetooth discovery mode for 30 seconds. The code I have right now does this perfectly, however it generates a popup to ask if I want to allow bluetooth discovery. This popup kinda ruins the flow of my application, so is there a way to bypass it?
No you can't bypass it. The dynamic permissions were introduced with Android 6. This allows the user to specify the permissions he want to grant to an App more precisely.
For an Android user it doesn't ruin the flow. It is normal for him. This is how Android works (and iOS, too btw).
See: https://developer.android.com/guide/topics/permissions/requesting.html
The BLUETOOTH_ADMINis considered as a normal permission. But for a scan, you also need ACCESS_COARSE_LOCATION and/or ACCESS_FINE_LOCATION. These are classified as dangerous permissions and that's why you need to ask the user once.
also see: BluetoothLeScanner.startScan()
There are several blog posts on how to handle permissions. James Montemagno released a plugin for that.
Blog Post
Permission Plugin
Yes. You can check if it's enabled and enable it programmatically,
BluetoothManager btm = (BluetoothManager) getSystemService(Context.BLUETOOTH_SERVICE);
BluetoothAdapter bta = btm.getAdapter();
if (!bta.isEnabled()) {
boolean ret = bta.enable();
if (!ret) {
// enable failed!
}
}
You need to have the BLUETOOTH_ADMIN permission,
<uses-permission android:name="android.permission.BLUETOOTH_ADMIN"/>
For allowing or preventing manually installation of apk file from sdcard we ticks/unticks the checkbox which says "Allow installation of app from unknown source".
Can we do this Programmatically by avoiding any User Interface?
Thanks,
Nirav
No, not unless you're a carrier, or not unless you're on an enterprise phone that your company has admin access over.
This is part of the security model of Android, so that a user can not lose the control of his phone to a malicious application.
Here are the actual permissions you would need to do something like that:
<uses-permission android:name="android.permission.WRITE_SETTINGS" />
<uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS" />
You can try using those permissions, but by design they won't work unless you have root access to the device.
Within the device settings, users are able to view permissions for
applications they have previously installed. Users can also turn off
some functionality globally when they choose, such as disabling GPS,
radio, or wi-fi.
In the event that an application attempts to use a protected feature
which has not been declared in the application's manifest, the
permission failure will typically result in a security exception being
thrown back to the application. Protected API permission checks are
enforced at the lowest possible level to prevent circumvention.